Application No. 09/853,770 
Page 3 



5. (Currently Amended) A -The token according to claim 31, further comprising a radio unit 
(42)-for transmitting the communication data from said protocol conversion unit (44>to the use 
device through a radio section. 

6. (Currently Amended) A ^The token according to claim 1, further comprising a battery 
(BAT1 — BAT3) for supplying power. 

7. (Currently Amended) A rThe token according to claim 6, wherein said battery comprises 
a secondary battery charged by power supply from the use-device when said authentication token 
is connected to the use-device. 

8. (Currently Amended) A -The token according to claim 1, wherein said storage unit has, in 
addition to a storage area for storing the registered data, at least one storage area for storing 
another information. 

9. (Currently Amended) A -The token according to claim 7, wherein said at least one storage 
area for storing another information includes a storage area for storing personal information of 
the user and a storage area for storing service information. 

10. (Currently Amended) An authentication system for executing user authentication, which 
is necessary for use of a use-device (2, 102) for executing predetermined processing, by using 
biometrical information of a user, characterized by comprising: 

an authentication token (1, 101) which is normally held by the user and, when the user is 
to use said use-device, the authentication token connected to said use-device and to perform user 
authentication on the basis of the biometrical information of the user, 

said authentication token (1, 101) comprising 

a personal collation unit (4-§)-including a sensor (44)-for detecting the biometrical 
information of the user and outputting a detection result as sensing data, a storage unit £13) 
which stores in advance registered data to be collated with the biometrical information of the 
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user, and a collation unit (±3}-for collating the registered data stored in said storage unit (±2)-with 
the sensing data from said sensor (W)-and outputting a collation result representing a user 
authentication result as authentication data, and 

a first communication unit f±4)-for transmitting the authentication data from said personal 
collation unit (45)-to said use-device as communication data, 

said personal collation unit and communication unit being integrated, and 

said use-device (2, 102) comprising 

a second communication unit (24^-for receiving the communication data transmitted from 
said authentication token (1, 101) and outputting the data as the authentication data, and 

a processing unit (22)-for executing the predetermined processing on the basis of the 
collation result contained in the authentication data from said second communication unit-{£i). 

11. (Currently Amended) A rThe system according to claim 10, wherein said storage unit has 
a plurality of storage areas for storing not only the registered information of the user but also 
another information. 

12. (Currently Amended) A rThe system according to claim 10, wherein 

said storage unit (12) of said authentication token (1, 101) stores in advance user 
information unique to the user, which is to be used for processing in said use-device-(2), 

said collation unit (±3)-of said authentication token (1, 101) outputs the authentication 
data containing the user information read out from said storage unit-(13), and 

said processing unit (22)-of said use-device (2, 102) executes processing using the user 
information contained in the authentication data from said second communication unit-(2±). 

13. (Currently Amended) A -The system according to claim 10, further comprising a data 
conversion module (3, 4 1) connected to said authentication token (1, 101) to convert the 
communication data from said first communication unit (±4)-of said authentication token into a 
predetermined data format and transmit the communication data to said use-device (2, 102) . 



14. 



(Currently Amended) Ar The system according to claim 10, wherein 
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said system further comprises a radio module-(4) connected to said authentication token 
(1, 101) to transmit the communication data from said first communication unit-(±4) of said 
authentication token £B-to said use-device (2)-through a radio section, and 

said use-device (2, 102) comprises a radio unit (23)-for receiving the communication data 
transmitted from said radio module (4}-through the radio section and outputting the 
communication data to said second communication unit-(24-). 

15. (Currently Amended) A- The system according to claim 13, wherein 

said system further comprises a radio module-(4) connected to said authentication token 
(1, 101) to transmit the communication data from said data conversion module (44)-to said use 
device through a radio section, and 

said use-device (2, 102) comprises a radio unit (23)-for receiving the communication data 
transmitted from said radio module (4)-through the radio section and outputting the 
communication data to said second communication unit (21) . 

16. (Currently Amended) Ar The system according to claim 10, wherein said authentication 
token (1, 101) further comprises a battery for supplying power into said authentication token. 

17. (Currently Amended) A -The system according to claim 13, wherein said data conversion 
module (3)-further comprises a battery for supplying power into said data conversion module and 
authentication token. 

18. (Currently Amended) A -The system according to claim 14, wherein said radio module 
(4) further comprises a battery for supplying power into said radio module (4}-and authentication 
token (1, 101) . 

19. (Currently Amended) A -The system according to claim 16, wherein said battery 
comprises a secondary battery charged by power supply from said use-device when said 
authentication token is connected to said use-device. 
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20. (Currently Amended) Ar The token according to claim 1, wherein 

said authentication token further comprises another storage circuit (112) for storing a 
password of said authentication token (101) and token identification information for identifying 
said authentication token, and 

when the personal collation result indicates that the collation is successful, said 
communication unit (113) transmits the password and token identification information in said 
another storage circuit (112) to said service providing apparatus as the communication data. 

21. (Currently Amended) An authentication system for executing user authentication, which 
is necessary when a user is to use a service providing apparatus for providing a predetermined 
service, by using biometrical information of the user, charact e riz e d by comprising: 

an authentication token (101) which is normally held by the user and, when the user is to 
use said service providing apparatus, connected to said service providing apparatus (102) to 
perform user authentication on the basis of the biometrical information of the user, 

said authentication token (4W)-comprising a personal collation unit (111) for performing 
collation on the basis of the biometrical information detected from the user to check whether the 
user is an authentic user, a storage circuit (112) for storing a password of said authentication 
token and token identification information for identifying said authentication token, and a first 
communication unit (113) for, when a collation result by said personal collation unit indicates 
that collation is successful, transmitting the password and token identification information in said 
storage circuit to said service providing apparatus (102) as communication data, and 

said service providing apparatus (4Q2)-comprising a second communication unit (121) for 
receiving the communication data from said authentication token, a first database (122) for 
storing the token identification information and password of said authentication token in advance 
in association with each other, a collation circuit (123) for collating the password contained in 
the communication data with a password obtained from said first database using the token 
identification information as a key, and a processing unit (12 4 ) for providing the service to the 
user on the basis of a collation result by said collation circuit. 
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22. (Currently Amended) A rThe system according to claim 21, further comprising a 
registration apparatus (±03}-connected to said service providing apparatus (102) through a 
communication network (10 4 ) to register the token identification information and password in 
said database (122) in association with each other. 

23. (Currently Amended) A^ The system according to claim 21, wherein 

said service providing apparatus (102) has a password generation circuit (125) for 
generating a new password and transmitting the new password to said authentication token 
through said second communication unit and updating the password stored in said first database 
(452), and 

said first communication unit (113) of said authentication token updates the password 
stored in said storage circuit (112) by the new password received from said service providing 
apparatus. 

24. (Currently Amended) A rThe system according to claim 21, wherein 

said service providing apparatus (102) has a storage circuit (126) for storing device 
identification information for identifying said service providing apparatus, and said second 
communication unit (121) reads out the device identification information from said storage 
circuit (126) and transmits the identification information to said authentication token when said 
authentication token is connected, and 

said authentication token (101) has a second database (11 4 ) for storing the password and 
the device identification information for identifying the service providing apparatus (102) in 
association with each other, and said first communication unit (113) uses, as the password to be 
transmitted to said service providing apparatus, a password obtained from said second database 
(11 4 ) using the device identification information received from said service providing apparatus 
as a key. 

25. (Currently Amended) An authentication method of executing user authentication, which 
is necessary when a user is to use a service providing apparatus for providing a predetermined 
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service, between the service providing apparatus and an authentication token for executing the 
user authentication using biometrical information of the user, characterized in that 

the authentication token (101) stores in advance a password of the authentication token 
and token identification information for identifying the authentication token, performs collation 
on the basis of the biometrical information detected from the user to check whether the user is an 
authentic user, and when a collation result indicates that collation is successful, transmits the 
password and token identification information to the service providing apparatus (102) as 
communication data, and 

the service providing apparatus (102) stores the token identification information and 
password of the authentication token in advance in a first database (122) in association with each 
other, collates the password contained in the communication data received from the 
authentication token with a password obtained from the first database (122) using the token 
identification information as a key, and provides the service to the user on the basis of a collation 
result. 

26. (Currently Amended) AThe method according to claim 25, wherein the token 
identification information and password are registered in the first database (122) in association 
with each other from a registration apparatus (±03)-connected to the service providing apparatus 
through a communication network-(±04). 

27. (Currently Amended) A The method according to claim 25, wherein 

the service providing apparatus (102) causes a password generation circuit to generate a 
new password, transmits the new password to the authentication token (101) through the second 
communication unit (121) , and updates the password stored in the first database (122) , and 

the authentication token (101) updates the password stored in advance by the new 
password received from the service providing apparatus. 
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28. (Currently Amended) AThe method according to claim 25, wherein 

the service providing apparatus (102) stores device identification information for 
identifying the service providing apparatus in advance, and transmits the device identification 
information to the authentication token when the authentication token (101) is connected, and 

the authentication token (101) stores in advance the password and the device 
identification information for identifying the service providing apparatus (102) in a second 
database (11 4 ) in association with each other, and uses, as the password to be transmitted to the 
service providing apparatus (102) , a password obtained from the second database (11 4 ) using the 
device identification information received from the service providing apparatus as a key. 

29. (Currently Amended) A recording medium which stores a program for causing a 
computer to execute an authentication procedure of executing user authentication, which is 
necessary when a user is to use a service providing apparatus (102) for providing a 
predetermined service, between the service providing apparatus (102) and an authentication 
token for executing the user authentication using biometrical information of the user, 

said program comprising th e st e ps of : 

in the service providing apparatus (102) , storing token identification information and a 
password of the authentication token in a first database (122) in advance in association with each 
other; 

in the authentication token (101) , after collation of the user based on the biometrical 
information detected from the user, and when a collation result indicates that collation is 
successful, receiving communication data containing the password of the authentication token 
(101) and the token identification information for identifying the authentication token, which is 
transmitted for the authentication token; 

collating the password contained in the communication data with a password obtained 
from the first database (122) using the token identification information as a key; and 

providing the service to the user on the basis of a collation result. 

30. (Currently Amended) A The medium according to claim 29, wherein said program further 
comprises th e st e p of , in the service providing apparatus (102) , registering the token 
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identification information and password in the first database (122) in association with each other 
from a registration apparatus £K&)-connected to the service providing apparatus through a 
communication network. 

31. (Currently Amended) AThe medium according to claim 29, wherein said program further 
comprises th e st e ps of : 

in the service providing apparatus (102) , causing a password generation circuit (125) to 
generate a new password; 

transmitting the new password to the authentication token (101) through the second 
communication unit so as to update the password stored in the authentication token in advance; 
and 

updating the password stored in the first database (122) b y the new password. 

32. (Currently Amended) A The medium according to claim 29, wherein said program further 
comprises th e st e ps of : 

in the service providing apparatus (102) , storing device identification information for 
identifying the service providing apparatus in advance; and 

transmitting the device identification information to the authentication token when the 
authentication token (101) is connected so as to store the password and the device identification 
information used to identify the service providing apparatus (102) in the authentication token in a 
second database (11 4 ) in association with each other, and searching the second database (11 4 ) 
for a password using the device identification information received from the service providing 
apparatus as a key as the password to be transmitted to the service providing apparatus. 

33. (Currently Amended) A program for causing a computer to execute an authentication 
procedure of executing user authentication, which is necessary when a user is to use a service 
providing apparatus (102) for providing a predetermined service, between the service providing 
apparatus (102) and an authentication token (101) for executing the user authentication using 
biometrical information of the user, 

said program causing the computer to e x e cut e th e st e ps of : 
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in the service providing apparatus (102) , sterieg-store_token identification information 
and a password of the authentication token in a first database (122) in advance in association 
with each other; 

in the authentication toke n (101) , after collation of the user based on the biometrical 
information detected from the user, and when a collation result indicates that collation is 
successful, r e c e iving receive communication data containing the password of the authentication 
token and the token identification information for identifying the authentication token, which is 
transmitted for the authentication token; 

collating collate the password contained in the communication data with a password 
obtained from the first database using the token identification information as a key; and 

providing provide the service to the user on the basis of a collation result. 

34. (Currently Amended) AThe program according to claim 33, said program further causing 
the computer to furth e r comprising th e st e p of , in the service providing apparatus, registering the 
token identification information and password in the first database in association with each other 
from a registration apparatus connected to the service providing apparatus through a 
communication network. 

35. (Currently Amended) A The program according to claim 33, said program further causing 
the computer to furth e r comprising th e st e ps of : 

in the service providing apparatus, causing cause a password generation circuit to 
generate a new password; 

transmitting the new password to the authentication token through the second 
communication unit so as to update the password stored in the authentication token in advance; 
and 

updating update the password stored in the first database by the new password. 

36. (Currently Amended) A The program according to claim 33, said program further causing 
the computer to furth e r comprising th e st e ps of : 
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in the service providing apparatus, steriftg- store device identification information for 
identifying the service providing apparatus in advance; and 

transmitting the device identification information to the authentication token when the 
authentication token is connected so as to store the password and the device identification 
information used to identify the service providing apparatus in the authentication token in a 
second database in association with each other, and searching the second database for a password 
using the device identification information received from the service providing apparatus as a 
key as the password to be transmitted to the service providing apparatus. 

37. (Currently Amended) A biometrical information authentication storage which locks or 
unlocks a door of a main body in storing an article in the main body or taking out the article 
stored in the main body, and also unlocks the door on the basis of authentication of biometrical 
information of a user, charact e riz e d by comprising: 

drive means (213) for locking/unlocking the door; 

storage means (212) for storing the biometrical information of the user; and 
processing means (211) for controlling said drive means to unlock the door on the basis 
of matching between stored information in said storage means and detected information from a 
sensor for detecting the biometrical information of the use r, said processing means controls said 
drive means to unlock the door on the basis of matching between the stored information in said 
storage means and the fingerprint image from a fingerprint authentication token having the 
sensor for detecting the fingerprint image of the user as the biometrical information, 
wherein the fingerprint authentication token is independent of the main body and physically 
separated from the main body . 

38. (Currently Amended) A rThe storage according to claim 37, wherein 

said storage means stores a fingerprint image of the user as the biometrical information, 
wherein each user has a fingerprint authentication token and 

said proc e ssing m e ans controls said driv e m e ans to unlock th e door on th e basis of 

matching b e tw ee n th e stor e d information in said storag e m e ans and th e fing e rprint imag e from a 
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fing e rprint auth e ntication tok e n having th e s e nsor for detecting the fing e rprint imag e of th e us e r 
as th e biometrical information . 

39. (Currently Amended) A rThe storage according to claim 38, wherein 
said processing means comprises 

lock means for, when the fingerprint image of the user, which is transmitted from the 
fingerprint authentication token, is received in storing the article in the main body, controlling 
said drive means to lock the door and storing the received fingerprint image in said storage 
means, wherein each time the door is locked the fingerprint image received from the 
authentication token is stored in the storage means, and 

unlock means for controlling said drive means to unlock the door when the fingerprint 
image of the user, which is transmitted from the fingerprint authentication token, is received in 
taking out the article stored in the main body, and the received fingerprint image transmitted 
from the fingerprint authentication token, and matches the fingerprint image stored stored 
information in said storage means. 

40. (Currently Amended) A- The storage according to claim 38, wherein 
said processing means comprises 

lock means for, when the fingerprint authentication token is inserted into the main body 
in storing the article in the main body, controlling said drive means to lock the door, generating a 
password, storing the password in said storage means, transmitting the password to the 
fingerprint authentication token, and causing the fingerprint authentication token to store the 
password, and 

unlock means for controlling said drive means to unlock the door when a password based 
on matching between a registered fingerprint image and the fingerprint image detected by the 
sensor and output from the fingerprint authentication token is received in taking out the article 
stored in the main body, and the received password matches the password in said storage means. 

41 . (Currently Amended) A -The storage according to claim 38, wherein 
said processing means comprises 
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lock means for, when a password based on matching between a registered fingerprint 
image and the fingerprint image detected by the sensor and output from the fingerprint 
authentication token is received in storing the article in the main body, controlling said drive 
means to lock the door, and storing the received password in said storage means, and 

unlock means for controlling said drive means to unlock the door when the password 
based on matching between the registered fingerprint image and the fingerprint image detected 
by the sensor and output from the fingerprint authentication token is received in taking out the 
article stored in the main body, and the received password matches the password in said storage 
means. 

42. (Currently Amended) A rThe storage according to claim 38, wherein 
said storage further comprises 

a plurality of storage sections capable of independently storing articles and having 
corresponding doors, 

designation means for designating one of the plurality of doors, and 
display means for displaying a number of the door, and 
said processing means comprises 

first display control means for, when a corresponding door is closed in storing an article 
in a storage section, displaying the number of the door on said display means, 

lock means for, when the door number displayed on said display means is designated by 
said designation means, and the fingerprint authentication token is inserted into the main body, 
controlling said drive means to lock the door, generating a password, storing the password and 
the door number in said storage means, transmitting the password and the door number to the 
fingerprint authentication token, and causing the fingerprint authentication token to store the 
password and the door number, 

second display control means for, when the fingerprint authentication token is inserted 
into the main body in taking out the article stored in said storage section, displaying the door 
number stored in the fingerprint authentication token on said display means, and 

unlock means for controlling said drive means to unlock the door when the door number 
displayed on said display means is designated by said designation means, and a password based 
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on matching between a registered fingerprint image and the fingerprint image detected by the 
sensor and output from the fingerprint authentication token is received, and the received 
password matches the password in said storage means. 

43. (Currently Amended) A -The storage according to claim 37, wherein 

said storage further comprises check means for checking coins of a predetermined 
amount, which are put in by the user in storing the article, and 

when said check means checks that the coins of the predetermined amount are put in, said 
processing means controls said drive means to lock the door. 

44. (Currently Amended) A lock/unlock method for a biometrical information authentication 
storage which locks or unlocks a door of a main body in storing an article in the main body or 
taking out the article stored in the main body, and also unlocks the door on the basis of 
authentication of biometrical information of a user, charact e riz e d by comprising: 

the first step of unlocking the door on the basis of matching between stored information 
stored in storage means in advance and detected information from a sensor for detecting the 
biometrical information of the use r; and 

processing the first step comprises a second step of unlocking the door on the basis of 
matching between the stored information in the storage means and a fingerprint image from a 
fingerprint authentication token having the sensor for detecting the fingerprint image of the user 
as the biometrical information, 

wherein the token is independent of the main body and physically separated from the main body . 

45. (Currently Amended) A /The method according to claim 44, wherein 

the storage means stores a fingerprint image of the user as the biometrical information, 
wherein each user has a fingerprint authentication tokena nd 

proc e ssing in th e first st e p compris e s th e s e cond st e p of unlocking th e door on th e basis 

of matching b e tw ee n th e stor e d information in th e storag e m e ans and th e fing e rprint imag e from 
a fing e rprint auth e ntication tok e n having th e s e nsor for d e t e cting th e fing e rprint imag e of th e 
us e r as th e biom e trical information . 



Application No. 09/853,770 
Page 16 

46. (Currently Amended) Ar The method according to claim 45, wherein 
processing in the second step comprises 

the-ajhird step of, when the fingerprint image of the user, which is transmitted from the 
fingerprint authentication token, is received in storing the article in the main body, locking the 
door and storing the received fingerprint image in the storage means, wherein each time the door 
is locked the fingerprint image received from the authentication token is stored in the storage 
means, and 

the-afourth step of matching the fingerprint image stored in the storage means with the 
finger print transmitted from the fingerprint authentication token, and unlocking the door when 
the fingerprint image of the user, which is transmitted from the fingerprint authentication token, 
is received in taking out the article stored in the main body, and the received fingerprint image 
matches the stored information fingerprint image in the storage means. 

47. (Currently Amended) A rThe method according to claim 45, wherein 
processing in the second step comprises 

the-aTifth step of, when the fingerprint authentication token is inserted into the main body 
in storing the article in the main body, locking the door, generating a password, storing the 
password in the storage means, transmitting the password to the fingerprint authentication token, 
and causing the fingerprint authentication token to store the password, and 

the-a_sixth step of unlocking the door when a password based on matching between a 
registered fingerprint image and the fingerprint image detected by the sensor and output from the 
fingerprint authentication token is received in taking out the article stored in the main body, and 
the received password matches the password in the storage means. 

48. (Currently Amended) AThe method according to claim 45, wherein 
processing in the second step comprises 

the-a_seventh step of, when a password based on matching between a registered 
fingerprint image and the fingerprint image detected by the sensor and output from the 
fingerprint authentication token is received in storing the article in the main body, locking the 
door, and storing the received password in the storage means, and 
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the-an eighth step of unlocking the door when the password based on matching between 
the registered fingerprint image and the fingerprint image detected by the sensor and output from 
the fingerprint authentication token is received in taking out the article stored in the main body, 
and the received password matches the password in the storage means. 

49. (Currently Amended) AThe method according to claim 45, wherein 

the storage further comprises a plurality of storage sections capable of independently 
storing articles and having corresponding doors, and 
processing in the second step comprises 

the-aninth step of, when a corresponding door is closed in storing an article in a storage 
section, displaying a number of the door, 

the-a_10th step of, when the door number displayed on the basis of processing in the ninth 
step is designated, and the fingerprint authentication token is inserted into the main body, locking 
the door, generating a password, storing the password and the door number in the storage means, 
transmitting the password and the door number to the fingerprint authentication token, and 
causing the fingerprint authentication token to store the password and the door number, 

the-an 11th step of, when the fingerprint authentication token is inserted into the main 
body in taking out the article stored in the storage section, displaying the door number stored in 
the fingerprint authentication token, and 

the-£Ll2th step of unlocking the door when the door number displayed on the basis of 
processing in the 1 1th step is designated, and a password based on matching between a registered 
fingerprint image and the fingerprint image detected by the sensor and output from the 
fingerprint authentication token is received, and the received password matches the password in 
the storage means. 

50. (Currently Amended) AThe method according to claim 45, wherein 

the method further comprises the-a^l3th step of checking coins of a predetermined 
amount, which are put in by the user in storing the article, and 
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processing in the first step comprises tfee-aJ4th step of locking the door when that the 
coins of the predetermined amount are put in is checked on the basis of processing in the 13 th 
step. 

5 1 . (Withdrawn) A gate opening/closing system for opening/closing an entrance gate for a 
site, characterized by comprising: 

an authentication token (306) for authenticating a user on the basis of biometrical 
information of the user; 

a database (302) for storing identification information of the user when the user prepays 
an admission to the site; and 

control means (303) for, when said authentication token authenticates that the user is an 
authentic user, and the identification information of the user, which is stored in said 
authentication token in advance, is output from said authentication token at the time of entrance 
of the user to the site, receiving the identification information, and when the received 
identification information has been stored in said database, opening the entrance gate. 

52. (Withdrawn) A gate opening/closing system for opening/closing an entrance gate for a 
site, characterized by comprising: 

information transmission/reception means for transmitting/receiving information to/from 
an authentication token which stores identification information of a user; 

a database for storing the identification information of the user when the user prepays an 
admission to the site; and 

control means for opening the entrance gate when said authentication token authenticates 
that the user is an authentic user on the basis of biometrical information of the user, the 
identification information of the user, which is output from said authentication token, is received 
by said information transmission/reception means at the time of entrance of the user to the site, 
and the received identification information has been stored in said database. 
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53 . (Withdrawn) A system according to claim 5 1 , wherein 

said authentication token is a fingerprint authentication token for authenticating the user 
on the basis of fingerprint information of the user, and comprises 

storage means for storing the fingerprint information of the user, 

a fingerprint sensor for detecting a fingerprint of the user, and 

processing means for authenticating the user as the authentic user on the basis of 
matching between detected information from said fingerprint sensor and stored information in 
said storage means. 

54. (Withdrawn) A system according to claim 52, wherein 

said authentication token is a fingerprint authentication token for authenticating the user 
on the basis of fingerprint information of the user, and comprises 

storage means for storing the fingerprint information of the user, 

a fingerprint sensor for detecting a fingerprint of the user, and 

processing means for authenticating the user as the authentic user on the basis of 
matching between detected information from said fingerprint sensor and stored information in 
said storage means. 

55. (Withdrawn) A system according to claim 5 1 , further comprising identification 
information assignment means for, when said fingerprint authentication token is inserted, and the 
user prepays the admission to the site, generating a password and causing said fingerprint 
authentication token to store the password as the identification information, and transmitting the 
password to said database and causing said database to store the password as the identification 
information of the user. 

56. (Withdrawn) A system according to claim 52, further comprising identification 
information assignment means for, when said fingerprint authentication token is inserted, and the 
user prepays the admission to the site, generating a password and causing said fingerprint 
authentication token to store the password as the identification information, and transmitting the 
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password to said database and causing said database to store the password as the identification 
information of the user. 

57. (Withdrawn) A system according to claim 5 1 , wherein 

said fingerprint authentication token stores an identification number of the user as the 
identification information in advance, and 

said system further comprises identification information assignment means for, when said 
fingerprint authentication token is inserted, and the user prepays the admission to the site, 
reading the identification information from the fingerprint authentication token, transmitting the 
identification information to said database, and causing said database to store the identification 
information as the identification information of the user. 

58. (Withdrawn) A system according to claim 52, wherein 

said fingerprint authentication token stores an identification number of the user as the 
identification information in advance, and 

said system further comprises identification information assignment means for, when said 
fingerprint authentication token is inserted, and the user prepays the admission to the site, 
reading the identification information from the fingerprint authentication token, transmitting the 
identification information to said database, and causing said database to store the identification 
information as the identification information of the user. 

59. (Withdrawn) A system according to claim 5 1 , further comprising 

transmission means for converting identification information added to said authentication 
token and output from said authentication token into a radio signal or infrared signal and 
transmitting the signal, and 

reception means, arranged near the entrance gate, for, upon receiving the radio signal or 
infrared signal transmitted by said transmission means, sending the identification information 
contained in the received radio signal or infrared signal to said control means. 
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60. (Withdrawn) A system according to claim 52, further comprising 

transmission means for converting identification information added to said authentication 
token and output from said authentication token into a radio signal or infrared signal and 
transmitting the signal, and 

reception means, arranged near the entrance gate, for, upon receiving the radio signal or 
infrared signal transmitted by said transmission means, sending the identification information 
contained in the received radio signal or infrared signal to said control means. 

61 . (Withdrawn) A biometrical information authentication automatic teller machine for 
providing, to a user, a service including deposit/withdrawal of cash for the user on the basis of 
authentication of biometrical information of the user, characterized by comprising: 

a biometrical information authentication token for authenticating the user on the basis of 

the biometrical information of the user, 

said biometrical information authentication token (1) comprising 
storage means (12) for storing the biometrical information of the user, 
a sensor (1 1) for detecting the biometrical information of the user, and 
processing means (13) for outputting control information on the basis of matching 

between detected information from said sensor and stored information in said storage means, and 
said biometrical information authentication automatic teller machine (401) comprising 

service providing means for providing the service to the user on the basis of the control 

information from said processing means. 

62. (Withdrawn) A machine according to claim 61, wherein 

said machine further comprises a database (410) which stores an outstanding balance 
corresponding to an account number of the user in advance, 

said storage means of said biometrical information authentication token stores the 
account number of the user, 

said processing means outputs the account number in said storage means as the control 
information on the basis of matching between the detected information from said sensor and the 
stored information in said storage means, and 
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said service providing means comprises 

acquisition means for, upon receiving the account number from said processing means, 
acquiring the outstanding balance corresponding to the received account number from said 
database, 

withdrawal means for withdrawing cash corresponding to predetermined operation by the 
user from the outstanding balance acquired by said acquisition means, and 

outstanding balance recording means for subtracting an amount withdrawn by said 
withdrawal means from the outstanding balance acquired by said acquisition means and storing a 
new outstanding balance in said database. 

63. (Withdrawn) A machine according to claim 61, wherein 

said machine further comprises a database which stores an outstanding balance 
corresponding to an account number of the user in advance, 

said storage means of said biometrical information authentication token stores the 
account number of the user, 

said processing means outputs the account number in said storage means as the control 
information on the basis of matching between the detected information from said sensor and the 
stored information in said storage means, and 

said service providing means comprises 

acquisition means for, upon receiving the account number from said processing means, 
acquiring the outstanding balance corresponding to the received account number from said 
database, and 

outstanding balance recording means for adding an amount deposited by the user to the 
outstanding balance acquired by said acquisition means and storing a new outstanding balance in 
said database. 

64. (Withdrawn) A biometrical information authentication automatic teller machine for 
providing, to a user, a service including deposit/withdrawal of cash for the user on the basis of 
authentication of biometrical information of the user, characterized by comprising: 
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information transmission/reception means for transmitting/receiving information to/from 
a biometrical information authentication token for authenticating the user on the basis of 
comparison/collation between biometrical information stored in storage means and the 
biometrical information of the user, which is detected by a sensor; and 

service providing means for, when said information transmission/reception means 
receives control information output from the biometrical information authentication token on the 
basis of matching between detected information from the sensor and the biometrical information 
in the storage means, providing the service to the user on the basis of the received control 
information. 

65. (Withdrawn) A machine according to claim 64, wherein 

said machine further comprises a database which stores an outstanding balance 
corresponding to an account number of the user in advance, 

the storage means of the biometrical information authentication token stores the account 
number of the user, and 

said service providing means comprises 

acquisition means for, when said information transmission/reception means receives the 
account number output from the biometrical information authentication token as the control 
information on the basis of matching between the detected information from the sensor and the 
biometrical information in the storage means, acquiring the outstanding balance corresponding to 
the received account number from said database, 

withdrawal means for withdrawing cash corresponding to predetermined operation by the 
user from the outstanding balance acquired by said acquisition means, and 

outstanding balance recording means for subtracting an amount withdrawn by said 
withdrawal means from the outstanding balance acquired by said acquisition means and storing a 
new outstanding balance in said database. 

66. (Withdrawn) A machine according to claim 64, wherein 

said machine further comprises a database which stores an outstanding balance 
corresponding to an account number of the user in advance, 
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the storage means of the biometrical information authentication token stores the account 
number of the user, and 

said service providing means comprises 

acquisition means for, when said information transmission/reception means receives the 
account number output from the biometrical information authentication token as the control 
information on the basis of matching between the detected information from the sensor and the 
biometrical information in the storage means, acquiring the outstanding balance corresponding to 
the received account number from said database, and 

outstanding balance recording means for adding an amount deposited by the user to the 
outstanding balance acquired by said acquisition means and storing a new outstanding balance in 
said database. 

67. (Withdrawn) A machine according to claim 61, wherein when a passbook of the user is 
inserted, said outstanding balance recording means records information including the outstanding 
balance on the passbook. 

68. (Withdrawn) A machine according to claim 64, wherein when a passbook of the user is 
inserted, said outstanding balance recording means records information including the outstanding 
balance on the passbook. 

69. (Withdrawn) A machine according to claim 61, wherein 

said storage means stores a fingerprint image of the user as the biometrical information, 
said sensor detects the fingerprint image of the user as the biometrical information, and 
said processing means or biometrical information authentication token outputs the control 

information on the basis of matching between the fingerprint image detected by said sensor and 

the fingerprint image in said storage means. 

70. (Withdrawn) A machine according to claim 69, wherein 

the storage means stores a fingerprint image of the user as the biometrical information, 
the sensor detects the fingerprint image of the user as the biometrical information, and 
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said processing means or biometrical information authentication token outputs the control 
information on the basis of matching between the fingerprint image detected by the sensor and 
the fingerprint image in the storage means. 

7 1 . (Withdrawn) A portable terminal system comprising a portable terminal device (501) 
and a biometrical authentication device (502), characterized in that 

said biometrical authentication device (502) comprises 

biometrical information read means (1 1) for reading biometrical information of a 
user who holds said biometrical authentication device, 

first storage means (12) for storing biometrical information of an authentic user 
registered in advance and personal information of the authentic user, and 

a first processing unit (13, 14) for performing personal authentication by collating 
the biometrical information read by said biometrical information read means (11) with the 
biometrical information of the authentic user stored in said first storage means (12), and only 
when an authentication result represents that collation is successful, transmitting the personal 
information stored in said first storage means to said portable terminal device, and 
said portable terminal device (501) comprises 

second storage means (515) for storing the personal information transmitted from 
said biometrical authentication device (502), and 

second processing means (514) for executing communication processing or data 
processing using the personal information stored in said second storage means. 

72. (Withdrawn) A portable terminal system comprising a portable terminal device (501 ) 
and a biometrical authentication device (502), characterized in that 

said biometrical authentication device (502) comprises 

biometrical information read means (1 1) for reading biometrical information of a 
user who holds said biometrical authentication device, 

first storage means (12) for storing biometrical information of an authentic user 
registered in advance and service information necessary for the authentic user to receive a 
service, and 
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a first processing unit (13, 14) for performing personal authentication by collating 
the biometrical information read by said biometrical information read means with the biometrical 
information of the authentic user stored in said first storage means, and only when an 
authentication result represents that collation is successful, transmitting the service information 
stored in said first storage means to said portable terminal device, and 
said portable terminal device (501) comprises 

second storage means (515) for storing the service information transmitted from 
said biometrical authentication device (502), and 

second processing means (514) for executing communication processing or data 
processing using the service information stored in said second storage means. 

73 . (Withdrawn) A system according to claim 7 1 , wherein 

the personal information contains a personal identification number of the authentic user, 

and 

after the personal information is stored in said second storage means, said second 
processing means of said portable terminal device is connected to a network using the personal 
identification number contained in the personal information. 

74. (Withdrawn) A system according to claim 72, wherein 

the service information contains a password used to log in to a web site, and 
after the service information is stored in said second storage means, said second 
processing means of said portable terminal device acquires, from the service information, a 
password corresponding to a web site accessed through a network and transmits the acquired 
password to the accessed web site. 

75. (Withdrawn) A biometrical authentication device characterized by comprising: 
biometrical information read means for reading biometrical information of a user who 

holds said device; 

storage means for storing biometrical information of an authentic user registered in 
advance and personal information of the authentic user; and 
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a processing unit for performing personal authentication by collating the biometrical 
information read by said biometrical information read means with the biometrical information of 
the authentic user stored in said storage means, and only when an authentication result represents 
that collation is successful, transmitting the personal information stored in said storage means to 
a portable terminal device, 

wherein only when the authentication result represents that the collation is successful, the 
personal information is transmitted to the portable terminal device which does not hold the 
personal information, thereby allowing communication processing or data processing using the 
personal information. 

76. (Withdrawn) A biometrical authentication device characterized by comprising: 
biometrical information read means for reading biometrical information of a user who 

holds said device; 

storage means for storing biometrical information of an authentic user registered in 
advance and service information necessary for the authentic user to receive a service; and 

a processing unit for performing personal authentication by collating the biometrical 
information read by said biometrical information read means with the biometrical information of 
the authentic user stored in said storage means, and only when an authentication result represents 
that collation is successful, transmitting the service information stored in said storage means to a 
portable terminal device, 

wherein only when the authentication result represents that the collation is successful, the 
service information is transmitted to the portable terminal device which does not hold the service 
information, thereby allowing communication processing or data processing using the service 
information. 

77. (Withdrawn) A device according to claim 75, wherein the personal information contains 
a personal identification number of the authentic user, which is necessary to connect the portable 
terminal device to a network. 



Application No. 09/853,770 
Page 28 



78. (Withdrawn) A device according to claim 76, wherein the service information contains 
a password used to log in to a web site from the portable terminal device through a network. 

79. (Withdrawn) A portable terminal device characterized by comprising: 

storage means for receiving personal information of an authentic user from a biometrical 
authentication device and storing the personal information, the biometrical authentication device 
executing personal authentication using biometrical information of a user, and transmitting the 
personal information of the authentic user only when an authentication result indicates that 
collation is successful; and 

processing means for executing communication processing or data processing using the 
personal information stored in said storage means, 

wherein the communication processing or data processing using the personal information 
is executed only when the personal information stored in the biometrical authentication device is 
received. 

80. (Withdrawn) A portable terminal device characterized by comprising: 

storage means for receiving service information necessary for an authentic user to receive 
a service from a biometrical authentication device and storing the service information, the 
biometrical authentication device executing personal authentication using biometrical 
information of a user, and transmitting the service information only when an authentication result 
indicates that collation is successful; and 

processing means for executing communication processing or data processing using the 
service information stored in said storage means, 

wherein the communication processing or data processing using the service information 
is executed only when the service information stored in the biometrical authentication device is 
received. 

8 1 . (Withdrawn) A device according to claim 79, wherein 

the personal information contains a personal identification number of the authentic user, 

and 
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after the personal information is stored in said storage means, said processing means of 
said portable terminal device is connected to a network using the personal identification number 
contained in the personal information. 

82. (Withdrawn) A device according to claim 80, wherein 

the service information contains a password used to log in to a web site, and 
after the service information is stored in said storage means, said processing means of 
said portable terminal device acquires, from the service information, a password corresponding 
to a web site accessed through a network and transmits the acquired password to the accessed 
web site. 

83. (Currently Amended) A token according to claim 1, wherein 

said token further comprises an encryption circuit for encrypting data generated from the 
authentication data and dynamic information generated by the use-device and transmitted using a 
key registered in advance, and 

said communication circuit transmits to the ttse-device encrypted data generated by said 
encryption circuit 

wherein the dynamic information changes each time it is generated . 

84. (Currently Amended) A rThe token according to claim 1, wherein 
said token further comprises 

a result determination circuit for, when the collation result indicates that the 
authentication is successful, outputting the authentication data to said encryption circuit, and 
when the collation result indicates that the authentication fails, outputting the authentication data 
to said first communication circuit, and 

an encryption circuit for, in accordance with the authentication data from said result 
determination circuit, encrypting dynamic information transmitted from the-use device using a 
key registered in advance, adding obtained encrypted data to the authentication data, and 
outputting the encrypted data, and 
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said communication circuit transmits to the use-device the authentication data with the 
encrypted data from said encryption circuit or the authentication data from said result 
determination circuit. 

85. (Currently Amended) A -The token according to claim 1, wherein 
said token further comprises 

an encryption circuit for encrypting dynamic information transmitted from the-use device 
using a key registered in advance and outputting obtained encrypted data to said first 
communication circuit as data, and 

a first result determination circuit for, when the collation result indicates that the 
authentication is successful, instructing said encryption circuit to generate the encrypted data, 
and when the collation result indicates that the authentication fails, outputting data whose 
number of digits is different from that of the encrypted data that would be produced if the 
authentication was successful to said first communication circuit, and 

said first communication circuit transmits to the use-device the data from said encryption 
circuit or the data from said first result determination circuit. 

86. (Currently Amended) A -The token according to claim 84, wherein 

said token further comprises an ID storage circuit for storing identification information of 
said authentication token registered in advance, and 

said first communication circuit transmits to the use-device the identification information 
stored in said ID storage circuit. 

87. (Currently Amended) Ar The system according to claim 10, wherein said storage circuit 
stores, as the user information, personal information of the user and service information related 
to the service provided by the use-device, and stores the personal information, service 
information, and registered information in separate storage areas. 
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88. (Currently Amended) A rThe system according to claim 10, wherein 

said authentication token further comprises an encryption circuit for encrypting dynamic 
information transmitted from the use-device and data generated from the authentication data 
using a key registered in advance, 

said first communication circuit transmits to the use-device encrypted data generated by 
said encryption circuit, and 

said processing unit comprises a dynamic information generation circuit for generating 
the dynamic information to be transmitted to said authentication token, a decryption circuit for 
decrypting the encrypted data transmitted from said authentication token using a key 
corresponding to the key, and a result determination circuit for executing the predetermined 
processing only when a collation result of the authentication data contained in the data decrypted 
by said decryption circuit indicates that the authentication is successful, and the dynamic 
information contained in the data matches the dynamic information generated by said dynamic 
information generation circuit and transmitted to said authentication token. 

89. (Currently Amended) A- The system according to claim 10, wherein 

said authentication token further comprises a first result determination circuit for, when 
the collation result indicates that the authentication is successful, outputting the authentication 
data to said encryption circuit, and when the collation result indicates that the authentication 
fails, outputting the authentication data to said first communication circuit, and an encryption 
circuit for, in accordance with the authentication data from said first result determination circuit, 
encrypting dynamic information transmitted from the use-device using a key registered in 
advance, adding obtained encrypted data to the authentication data, and outputting the encrypted 
data, 

said first communication circuit transmits to the use-device the authentication data with 
the encrypted data from said encryption circuit or the authentication data from said first result 
determination circuit, and 

said processing unit comprises a dynamic information generation circuit for generating 
the dynamic information to be transmitted to said authentication token, a decryption circuit for 
decrypting the encrypted data transmitted from said authentication token using a key 
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corresponding to the key, and a second result determination circuit for causing said decryption 
circuit to decrypt the encrypted data added to the authentication data only when an authentication 
result of the authentication data from said authentication token, which is received by said second 
communication circuit, indicates that the authentication is successful, and executing the 
predetermined processing only when the obtained dynamic information matches the dynamic 
information generated by said dynamic information generation circuit and transmitted to said 
authentication token. 

90. (Currently Amended) A -The system according to claim 10, wherein 

said authentication token further comprises an encryption circuit for encrypting dynamic 
information transmitted from the use-device using a key registered in advance and outputting 
obtained encrypted data to said first communication circuit as data, and a first result 
determination circuit for, when the collation result indicates that the authentication is successful, 
instructing said encryption circuit to generate the encrypted data, and when the collation result 
indicates that the authentication fails, outputting data whose number of digits is different from 
that of the encrypted data to said first communication circuit, 

said first communication circuit transmits to the use-device the data from said encryption 
circuit or the data from said first result determination circuit, and 

said processing unit comprises a dynamic information generation circuit for generating 
the dynamic information to be transmitted to said authentication token, a decryption circuit for 
decrypting the encrypted data transmitted from said authentication token using a key 
corresponding to the key, and a second result determination circuit for causing said decryption 
circuit to decrypt the encrypted data added to the data only when the number of digits of the data 
from said authentication token, which is received by said second communication circuit, 
indicates the number of digits when the authentication is successful, and executing the 
predetermined processing only when the obtained dynamic information matches the dynamic 
information generated by said dynamic information generation circuit and transmitted to said 
authentication token. 
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91 . (Currently Amended) Ar The system according to claim 88, wherein 

said authentication token further comprises an ID storage circuit for storing identification 
information of said authentication token registered in advance, 

said first communication circuit transmits to the use-device the identification information 
stored in said ID storage circuit, and 

said decryption circuit decrypts the encrypted data from said authentication token using a 
key corresponding to the identification information transmitted from said authentication token. 

92. (Currently Amended) Ar The system according to claim 89, wherein 

said authentication token further comprises an ID storage circuit for storing identification 
information of said authentication token registered in advance, 

said first communication circuit transmits to the use-device the identification information 
stored in said ID storage circuit, and 

said decryption circuit decrypts the encrypted data from said authentication token using a 
key corresponding to the identification information transmitted from said authentication token. 

93. (Currently Amended) Ar The system according to claim 90, wherein 

said authentication token further comprises an ED storage circuit for storing identification 
information of said authentication token registered in advance, 

said first communication circuit transmits to the use-device the identification information 
stored in said ID storage circuit, and 

said decryption circuit decrypts the encrypted data from said authentication token using a 
key corresponding to the identification information transmitted from said authentication token. 



